In recent years, due to high functions of mobile units such as cellular telephones, a mobile unit which alone can perform WWW browsing by installing the browser of WWW (World Wide Web) (hereinafter, referred to as “WWW browser”) in the mobile unit is put on the market. By using the mobile unit, a user can receive provisions of several kinds of services from the information provider on the Internet (hereinafter, referred to as “IP”).
Among services provided by an IP, there are some which are only provided to users who sign a contract, or others that require secrecy; therefore, the IP which provides these types of services carries out user authentication to provide services with the object of preventing a fraudulent use by a third party. As a user authentication method, the method of using a password has been used in general. However, there is a danger that the password might leak to a fraudulent third party through the user authentication method based on the use of passwords, and anyone can use the service fraudulently once the password gets leaked. Hence, for instance, when providing a service such as a bank transaction service using NetWare (hereinafter, referred to as “net banking”), in which a complete security has to be ensured, a user authentication method, which can ensure more reliability needs to be used.
Hence, in the IP which provides this type of service, user authentication is carried out by using exclusive information such as a transmitted ID retained by a mobile communication network (hereinafter, referred to as “personal identification information”), by which a mobile unit can be identified. A brief description of this type of authentication is as follows:    i. When a service is provided to a user of a mobile unit, the server owned by the IP (hereinafter, referred to as “IP server”) at first requests the mobile communication network to transmit personal identification information.    ii. The mobile communication network transmits the personal identification information to an IP server on the basis of the transmission request.    iii. An IP server carries out user authentication on the basis of the personal identification information transmitted from the mobile communication network.
Conventionally, fraudulent use by a third party has been effectively prevented by the above-mentioned user authentication method.
However, personal identification information is important information as it pertains to the privacy and the property of the user. Hence, there is a danger of causing some unexpected damage to the user of the mobile unit if the mobile communication company provides personal identification information of users to an IP without any restriction. A mobile communication company signs a contract with the IP to which personal identification information the company retains is provided beforehand to prevent such unexpected damage, and ensures the trustworthiness of the destination to which personal information is provided in this manner. Since a contract has to be signed beforehand in this method, it is not possible for an IP, which does not have a contract with a mobile communication company to use personal identification information of users, to carryout user authentication.